On Wed, 4 Dec 2019 22:58:23 +0100 (CET) "Carlos E. R." <robin.listas@telefonica.net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I wrote a little script to change group owner and permissions of my photo tree:
#!/bin/bash
find /data/storage_b/cer/Pictures /data/storage_b/cer/Pictures.tmp /data/storage_b/cer/Pictures.astro -type f \ -exec sudo chgrp cer '{}' \; \ -exec sudo chmod u+r+w,g+r+w,o+r-w-x,-t '{}' \; \ -exec sudo setfacl -m g:users:r '{}' \;
With corresponding sudoers file entries:
cer Telcontar = (root) /usr/bin/setfacl -m g\:users\:rx * cer Telcontar = (root) /usr/bin/setfacl -m g\:users\:r * cer Telcontar = (root) /usr/bin/chgrp cer * cer Telcontar = (root) /usr/bin/chmod u+r+w+x\,g+w+x\,o-r-w-x\,+t * cer Telcontar = (root) /usr/bin/chmod u+r+w\,g+r+w\,o+r-w-x\,-t *
The script works, but there is a nuisance side effect on syslog: thousands of photos, so several times as many long entries:
<10.6> 2019-12-04 22:53:10 Telcontar sudo - - - pam_unix(sudo:session): session opened for user root by (uid=0) <10.6> 2019-12-04 22:53:10 Telcontar sudo - - - pam_unix(sudo:session): session closed for user root <4.5> 2019-12-04 [snip]
This spams my log file and makes the script much slower.
Ideas?
I can of course run the script directly as root.
That's what I would do.
sudo find? With a loooong sudoers line, more "dangerous" when I put the '*' somewhere - I can't put the entire script.
why do you need any sudoers line at all?
sudo script? I thought that was forbidden.
I can not try anything now, the script has not finished...
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org